SANS Cloud Security Curriculum - Security Boulevard

SANS Cloud Security Curriculum

SANS believes that the cloud is a transformative technology that will define the technology landscape for many years to come. Given the unmitigated growth of Cloud, we have launched the Cloud Security Curriculum to give you the training and skills you need to become a cloud security expert.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.


Security focused | Technically capable | Forward thinking | Aware of the bigger picture | Knowledgeable | Confident




SEC488: Cloud Security Essentials

SEC510: Multicloud Security Assessment and Defense

SEC541: Cloud Monitoring and Threat Hunting

SEC584: Cloud Native Security: Defending Containers and Kubernetes

SEC588: Cloud Penetration Testing

MGT516: Managing Security Vulnerabilities: Enterprise & Cloud

MGT520: Leading Cloud Security Design and Implementation (coming very soon!)

In the Cloud, all things are dependent on applications, code, and automation. As such, our curriculum takes a holistic approach to Cloud Security. Courses range in complexity for those new to Cloud as well as those who have been around for the block a few times. If you are a developer, an architect, an engineer, an analyst, or a manger, the SANS Cloud Security Curriculum has training for you. If you are ready for deep, hands-on, highly technical, skill-specific training, we’re there for you. If you’re new to cybersecurity as a whole and want to start a journey in Cloud Security, we have you covered. Working with AWS? Azure? GCP? Multicloud? No problem, we’ve got the training you need.

With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey.


  • DevOps Professional – responsible for building applications and systems
  • Cloud Security Analyst – responsible for enabling defenses and analyzing issues
  • Cloud Security Engineer- responsible for building security capabilities
  • Cloud Security Architecture – responsible for designing
  • Cloud Security Manager – responsible for leading

The flight plan below shows a natural progression for a professional to follow within a specific job role from baseline to advanced, specialized topics.



To help students find the best starting point, we have defined each level.

Baseline – Courses that impart the baseline skills required of any information security professional involved in Cloud Security, whether active practitioner or manager

Foundational – Courses that provide the basic knowledge to introduce students to a required skill set for the Cloud Security industry as a whole.

Core – Courses that prepare professionals for more focused job functions in Cloud Security, including manager, architect, engineer, analyst, and developer.

Specialization – Courses for critical, advanced skills, or specialized roles in Cloud Security

Management – Courses for leaders, managers, directors developing a cloud security roadmap, plan, procurement models, and ensuring policy and procedure are defined to support cloud

Why Take Cloud Security Training With SANS?

  • Security-focused – technical training to properly secure services and workloads in the cloud
  • Holistic, Curated Curriculum – based on various job roles and focus areas
  • Multicloud Approach – training & comparisons on the Big 3 public cloud providers
  • Hands-On Labs – extensively focused on “the how” to properly deploy & secure a cloud environment using virtual machines, lab environments, and repeatable exercises
  • World-Class Instructors – versatile, real-world security practitioners authoring & instructing
  • Comprehensive Courseware – access to slides, notes, audio files, and labs for future reference
  • Certification Prep – specialized training that will help you prepare for a GIAC certification attempt

Providing Intensive, Immersion Training That is Immediately Applicable
We are here to help you get your hands dirty in cloud security training with re-deployable labs and a wealth of free training resources. Our curriculum has been developed through an industry consensus process and is a holistic approach to address public cloud. This includes multicloud, and hybrid-cloud scenarios for the enterprise and developing organizations alike. Don’t merely learn the ins-and-outs of one platform, as the future demands in-depth technical abilities coupled with security knowledge for each big cloud service provider.

In addition to courses, we offer two GIAC certifications with plans for more in 2021.


GCSA: GIAC Cloud Security Automation | GWEB: GIAC Certified Web Application Defender

More exciting milestones are on the horizon with the SANS Cloud Security Curriculum such as a brand new landing page, additional courses – both short and long, added GIAC certifications, a CyberStart Assessment, new posters, resources, and more! Stay tuned!


Hundreds of SANS Institute students have stepped up to the challenge and conquered. They’ve mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of a SANS Challenge Coin, an award given to a select portion of the thousands of students that have taken any of the SANS courses. More SANS Cloud Security Challenge Coins are coming in 2021!




*** This is a Security Bloggers Network syndicated blog from SANS Blog authored by SANS Blog. Read the original post at: